 |
 |
On Fri, 22 Feb 2008, John Paschoud wrote: >> But as John said microsoft are to be applauded for choosing >> to use this mechanism for student verification (sic), it >> would have been nice, though, to have had a "heads up" that >> this was coming, were JISC or JANET expecting this or was it >> as much a surprise as it was to me (who received a service > > When you get *really* famous, Bill will give you a personal call on your > mobile to let you know what he's going to do, before he actually does > it. The next time he calls me for advice, I'll try and let you know in > time too ;-> Could you let me know too? :-) Seriously, there is a communication issue here. Shib and other federated identity technologies allow people to implement services without necessarily having to consult identity providers (as happened here). Since our users will be using our identity providers to access these services they naturally hold us responsible if it doesn't work and refer their queries (at least about authentication, and probably about everything else) to our Help Desks. If we don't know the service is coming we can't warn our Help Desks, and we can't test and if necessary configure appropriate attribute releases to make things work. Further, it would be really useful if new (and existing) services were clear about what attribute and attribute values they require and/or can use if provided. DreamSpark have gone some way to doing this (though apparently only via an unlinked web page!), but it's still unclear what attribute and attribute values they actually require. The same applies more or less to other existing services. As a result IdP administrators up and down the country are currently experimenting to try to work out what's going on. Since we can't expect people launching (or changing) services to contact all IdPs individually could someone, perhaps JISC but probably better the UK Federation, act as a clearinghouse for this sort of information and actively encourage SPs (at least those representing large-scale services) to contribute timely and complete information? Jon. -- Jon Warbrick Web/News Development, Computing Service, University of Cambridge